August 06, 2002

U.S. Postmaster also investigating Verisign?

Also interesting...I've always thought that stock bull boards were rather useless. Yahoo's board on VRSN has proven me wrong. Links to copies of the actual letters themselves can be found here and here.

Posted by system at 11:22 PM | Comments (0) | TrackBack

MS the new industry leader in security?

"Analyst: Microsoft on verge of security blitz. Move could displace sector leaders" says Infoworld. And this one on the heels of Shatter. I suppose things could be stranger today...
Posted by system at 10:54 PM | Comments (0) | TrackBack

FTC Probes Verisign Marketing - Take II

An updated story has been filed by Reuters that sorts out some of the vaguaries concerning the source of the story...Verisign's comments still pretty much confirm the facts that the story lays out, so I'm still saying "hold on to your hats ladies and gents, this is about to get interesting..."

Unfortunately, no original editorial at this point - other than the standard regurgi-fed items...

Posted by system at 10:39 PM | Comments (0) | TrackBack

FTC Probes VeriSign Marketing

Not much to say about this one other than the obvious which is to note that the FTC web site doesn't have much to say on the subject...

On one hand, Reuters is a very credible source for this story, but on the other, "a source close to the probe" doesn't really make it a "fact" in my mind.

Regardless, my personal conjecture is that this story is spot on (Verisign pretty much confirms it in the article). It will be interesting to see what further commentary develops within industry circles.

If it is true, it will be interesting to see what the findings are and whether or not Verisign re-uses their "government contractor immunity" defence that has served them very well in the past (or whether it would even be relevant as my layman's understanding of the pgMedia case is that it was anti-trust specific...come to think of it...would they qualify for anti-trust immunity now? The Interland reference is also interesting, especially given some of the prior associations that the news media has made. (Hmm...let's hope a lawyer with some insight decides to fire up his or her blog machinery and answer some of these tough questions...:).

There is one thing for certain, there is going to be much to be said on the subject over the coming months...

(Hmm...I suppose that there was a bit to say on this one ;)

Posted by system at 10:12 PM | Comments (0) | TrackBack

Wed, 07 Aug 2002 02:16:44 GMT bill is the mole, dot wins and now I can go to bed early. Hopefully this show doesn't go into repeats...
Posted by system at 09:16 PM | Comments (0) | TrackBack

Wed, 07 Aug 2002 02:13:14 GMT

Ahh well...guess that means that bill is the mole...stupid game.
Posted by system at 09:13 PM | Comments (0) | TrackBack

Wed, 07 Aug 2002 02:09:44 GMT

For the last bazillion weeks people have been getting themselves booted from the dhow because they had no idea who the mole is...and they are supposed to be able to answer that question now? Dumb start... Who cares...
Posted by system at 09:09 PM | Comments (0) | TrackBack

Wed, 07 Aug 2002 02:03:54 GMT who is the mole... More mindless commentary over the next hour as the only show I watch comes to an end...
Posted by system at 09:03 PM | Comments (0) | TrackBack

Sorry for the lack of

Sorry for the lack of updates over the last few days...I was purposely out of range of my computer for three straight days. Anyways, nice to be back.... Slashdot is running an interesting essay entitled "Exploiting design flaws in the Win32 API for privilege escalation. Or...Shatter Attacks - How to break Windows." As the paper states, "The flaws presented in this paper are, at the time of writing, unfixable. The only reliable solution to these attacks requires functionality that is not present in Windows, as well as efforts on the part of every single Windows software vendor. This research was sparked by comments made by Microsoft VP Jim Allchin who stated, under oath, that there were flaws in Windows so great that they would threaten national security if the Windows source code were to be disclosed. He mentioned Message Queueing, and immediately regretted it. However, given the quantity of research currently taking place around the world after Mr Allchin's comments, it is about time the white hat ? community saw what is actually possible." Microsoft's response? "...if I understand things correctly, the attack you describe either requires the user to run an attacker's program on their system or the attacker needs to have access to the user's system. I would recommend that you contact the program's owner and let them know of your report. There may or may not be a vulnerability for them to address, but the program's owner should determine that." It makes me wonder whether or not there is any connection between the publication of this note and Microsoft's recent move to release their source and API's prior to the formal final settlement approval or if its just a coincidence. Presumably, issuing API and source documentation that refutes this protects the "integrity" of the product...if it's a coincidence and Chris is right, then the Windows world is in for a whole mess of trouble...
Posted by system at 04:52 PM | Comments (0) | TrackBack